Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
redux-devtools
Advanced tools
A live-editing time travel environment for Redux.
See Dan's React Europe talk demoing it!
persistState()
store enhancer, you can persist debug sessions across page reloadsnpm install --save-dev redux-devtools
DevTools is a store enhancer, which should be added to your middleware stack after applyMiddleware
as applyMiddleware
is potentially asynchronous. Otherwise, DevTools won’t see the raw actions emitted by asynchronous middleware such as redux-promise or redux-thunk.
To install, firstly import devTools
into your root React component:
// Redux utility functions
import { compose, createStore, applyMiddleware } from 'redux';
// Redux DevTools store enhancers
import { devTools, persistState } from 'redux-devtools';
// A monitor component for Redux DevTools
import LogMonitor from 'redux-devtools-log-monitor';
Then, add devTools
to your store enhancers, and create your store:
const finalCreateStore = compose(
// Enables your middleware:
applyMiddleware(m1, m2, m3), // any Redux middleware, e.g. redux-thunk
// Provides support for DevTools:
devTools(),
// Lets you write ?debug_session=<name> in address bar to persist debug sessions
persistState(window.location.href.match(/[?&]debug_session=([^&]+)\b/))
)(createStore);
const store = finalCreateStore(reducer);
Finally, include the DevTools
in your page. You may pass either LogMonitor
(the default one) or any of the custom monitors described below.
export default class Root extends Component {
render() {
return (
<div>
<Provider store={store}>
<CounterApp />
</Provider>
<LogMonitor store={store.devToolsStore} />
</div>
);
}
}
Make sure to only apply devTools()
in development! In production, this will be terribly slow because actions just accumulate forever. (We'll need to implement a rolling window for dev too.)
For example, in Webpack, you can use DefinePlugin
to turn magic constants like __DEV__
into true
or false
depending on the environment, and import and render redux-devtools
conditionally behind if (__DEV__)
. Then, if you have an Uglify step before production, Uglify will eliminate dead if (false)
branches with redux-devtools
imports. Here is an example that adds Redux DevTools handling the production case correctly.
You can do this:
git clone https://github.com/gaearon/redux-devtools.git
cd redux-devtools
npm install
cd examples/counter
npm install
npm start
open http://localhost:3000
Try clicking on actions in the log, or changing some code inside examples/counter/reducers/counter
.
For fun, you can also open http://localhost:3000/?debug_session=123
, click around, and then refresh.
Oh, and you can do the same with the TodoMVC example as well.
You can build a completely custom UI for it because <DevTools>
accepts a monitor
React component prop. The included LogMonitor
is just an example.
I challenge you to build a custom monitor for Redux DevTools!
Some crazy ideas for custom monitors:
LogMonitor
propTypes to see what you can do.In fact some of these are implemented already:
Create a PR to add your custom monitor.
MIT
FAQs
Redux DevTools with hot reloading and time travel
The npm package redux-devtools receives a total of 45,530 weekly downloads. As such, redux-devtools popularity was classified as popular.
We found that redux-devtools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.